Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    PfSense + Squid + local network

    General pfSense Questions
    1
    1
    73
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Antoine1 last edited by Antoine1

      Hi everybody,

      I am struggling since few days now with my setup and you are my last chance before leaving all as it is now...

      Installation:
      1/Pfsense as a FW. Everything which goes from my ISP box goes through it.
      Installed in a VM on ESXI.
      WAN IP: 192.168.1.10
      Lan IP: 192.168.2.1
      Acme package is installed and I have a certificate for my domain name and its subdomains

      2/Bitwarden setup in docker in another VM and accessible via 192.168.2.14:32770
      No cert installed
      3/Nextcloud setup up in a jail within Freenas which is himself in another VM.
      Nextcloud could be reached via 192.168.2.40:443
      No cert installed

      I have an OVH domain name . which points my public IP
      I have two subdomains registered bw.      . and nc.****. which are also pointing to my public IP

      What I am trying to do:
      Reach either Nextcloud or Bitwarden through nc.. or bw.. and use the global cert I have in PfSense.
      I do not want these VM to be reachable from outside of my own network

      I have followed serveral howto using Squid as a reverse proxy and this is definitely working but only when I make the port 443 accessible from outside (which I do not want).
      In this config, Nextcloud and Bitwarden benefits for the global cert and are reachable via the subdomains mentioned earlier.
      If I do not allow connection on 443, I lose the internal access to my VM.

      I also tried using HAProxy but results is exactly the same.
      I do not know where to look at anymore...

      Is any of you have an idea on how I could reach my target?
      I could provide whatever info you might estimate necessary to understand and fix.

      Many thanks in advance,

      Regards,

      Antoine

      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Products

      • Platform Overview
      • TNSR
      • pfSense
      • Appliances

      Services

      • Training
      • Professional Services

      Support

      • Subscription Plans
      • Contact Support
      • Product Lifecycle
      • Documentation

      News

      • Media Coverage
      • Press
      • Events

      Resources

      • Blog
      • FAQ
      • Find a Partner
      • Resource Library
      • Security Information

      Company

      • About Us
      • Careers
      • Partners
      • Contact Us
      • Legal
      Our Mission

      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

      Subscribe to our Newsletter

      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

      © 2021 Rubicon Communications, LLC | Privacy Policy